ReportizFlow
Filtered by vendor
Subscriptions
Total
8473 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-15363 | 1 Luracast | 1 Restler | 2025-04-20 | 7.5 High |
| Directory traversal vulnerability in public/examples/resources/getsource.php in Luracast Restler through 3.0.0, as used in the restler extension before 1.7.1 for TYPO3, allows remote attackers to read arbitrary files via the file parameter. | ||||
| CVE-2015-4704 | 1 Download Zip Attachments Project | 1 Download Zip Attachments | 2025-04-20 | N/A |
| Directory traversal vulnerability in the Download Zip Attachments plugin 1.0 for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the File parameter to download.php. | ||||
| CVE-2016-5941 | 1 Ibm | 1 Kenexa Lms | 2025-04-20 | N/A |
| IBM Kenexa LMS on Cloud could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing dot dot sequences (/../) to view arbitrary files on the system. | ||||
| CVE-2017-9640 | 2 Automatedlogic, Carrier | 3 I-vu, Sitescan Web, Automatedlogic Webctrl | 2025-04-20 | N/A |
| A Path Traversal issue was discovered in Automated Logic Corporation (ALC) ALC WebCTRL, i-Vu, SiteScan Web prior to 6.5; ALC WebCTRL, SiteScan Web 6.1 and prior; ALC WebCTRL, i-Vu 6.0 and prior; ALC WebCTRL, i-Vu, SiteScan Web 5.5 and prior; and ALC WebCTRL, i-Vu, SiteScan Web 5.2 and prior. An authenticated attacker may be able to overwrite files that are used to execute code. This vulnerability does not affect version 6.5 of the software. | ||||
| CVE-2014-8704 | 1 Wondercms | 1 Wondercms | 2025-04-20 | N/A |
| Directory traversal vulnerability in index.php in Wonder CMS 2014 allows remote attackers to include and execute arbitrary local files via a crafted theme. | ||||
| CVE-2014-8163 | 1 Redhat | 1 Satellite | 2025-04-20 | N/A |
| Directory traversal vulnerability in the XMLRPC interface in Red Hat Satellite 5. | ||||
| CVE-2016-4313 | 1 Extplorer | 1 Extplorer | 2025-04-20 | N/A |
| Directory traversal vulnerability in unzip/extract feature in eXtplorer 2.1.9 allows remote attackers to execute arbitrary files via a .. (dot dot) in an archive file. | ||||
| CVE-2016-4314 | 1 Wso2 | 1 Carbon | 2025-04-20 | N/A |
| Directory traversal vulnerability in the LogViewer Admin Service in WSO2 Carbon 4.4.5 allows remote authenticated administrators to read arbitrary files via a .. (dot dot) in the logFile parameter to downloadgz-ajaxprocessor.jsp. | ||||
| CVE-2017-2117 | 1 Cubecart | 1 Cubecart | 2025-04-20 | N/A |
| Directory traversal vulnerability in CubeCart versions prior to 6.1.5 allows attacker with administrator rights to read arbitrary files via unspecified vectors. | ||||
| CVE-2017-1000062 | 1 Kitto Project | 1 Kitto | 2025-04-20 | N/A |
| kittoframework kitto 0.5.1 is vulnerable to directory traversal in the router resulting in remote code execution | ||||
| CVE-2011-5325 | 3 Busybox, Canonical, Debian | 3 Busybox, Ubuntu Linux, Debian Linux | 2025-04-20 | 7.5 High |
| Directory traversal vulnerability in the BusyBox implementation of tar before 1.22.0 v5 allows remote attackers to point to files outside the current working directory via a symlink. | ||||
| CVE-2017-7577 | 1 Xiongmaitech | 1 Uc-httpd | 2025-04-20 | N/A |
| XiongMai uc-httpd has directory traversal allowing the reading of arbitrary files via a "GET ../" HTTP request. | ||||
| CVE-2017-9416 | 1 Odoo | 1 Odoo | 2025-04-20 | N/A |
| Directory traversal vulnerability in tools.file_open in Odoo 8.0, 9.0, and 10.0 allows remote authenticated users to read arbitrary local files readable by the Odoo service. | ||||
| CVE-2017-1000115 | 3 Debian, Mercurial, Redhat | 9 Debian Linux, Mercurial, Enterprise Linux and 6 more | 2025-04-20 | N/A |
| Mercurial prior to version 4.3 is vulnerable to a missing symlink check that can malicious repositories to modify files outside the repository | ||||
| CVE-2016-5803 | 1 Ca Technologies | 1 Unified Infrastructure Management | 2025-04-20 | N/A |
| An issue was discovered in CA Unified Infrastructure Management Version 8.47 and earlier. The Unified Infrastructure Management software uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize sequences such as ".." that can resolve to a location that is outside of that directory. | ||||
| CVE-2016-6269 | 1 Trendmicro | 1 Smart Protection Server | 2025-04-20 | 9.1 Critical |
| Multiple directory traversal vulnerabilities in Trend Micro Smart Protection Server 2.5 before build 2200, 2.6 before build 2106, and 3.0 before build 1330 allow remote attackers to read and delete arbitrary files via the tmpfname parameter to (1) log_mgt_adhocquery_ajaxhandler.php, (2) log_mgt_ajaxhandler.php, (3) log_mgt_ajaxhandler.php or (4) tf parameter to wcs_bwlists_handler.php. | ||||
| CVE-2015-7888 | 1 Samsung | 2 Galaxy S6 Edge, Galaxy S6 Edge Firmware | 2025-04-20 | N/A |
| Directory traversal vulnerability in the WifiHs20UtilityService on the Samsung S6 Edge LRX22G.G925VVRU1AOE2 allows remote attackers to overwrite or create arbitrary files as the system-level user via a .. (dot dot) in the name of a file, compressed into a zipped file named cred.zip, and downloaded to /sdcard/Download. | ||||
| CVE-2016-9164 | 1 Ca | 1 Unified Infrastructure Management | 2025-04-20 | N/A |
| Directory traversal vulnerability in diag.jsp file in CA Unified Infrastructure Management (formerly CA Nimsoft Monitor) 8.4 SP1 and earlier and CA Unified Infrastructure Management Snap (formerly CA Nimsoft Monitor Snap) allows remote attackers to read arbitrary files via unspecified vectors. | ||||
| CVE-2015-1386 | 1 Unshield Project | 1 Unshield | 2025-04-20 | N/A |
| Directory traversal vulnerability in unshield 1.0-1. | ||||
| CVE-2017-1000026 | 1 Progress | 1 Mixlib-archive | 2025-04-20 | 7.5 High |
| Chef Software's mixlib-archive versions 0.3.0 and older are vulnerable to a directory traversal attack allowing attackers to overwrite arbitrary files by using ".." in tar archive entries | ||||